A very poor tool to do S/MIME signatures on binary files. Probably insecurely.
A very poor tool to generate S/MIME signatures for arbitrary content & probably insecurely too.
A quick example:
>>> smime_sign( ... signer_cert_path="/path/to/files/signer.cert", ... signer_key_path="/path/to/files/signer.pem", ... recipient_cert_path="/path/to/files/recipient.cert", ... content="test", ... output_format="PEM", ... )
- Does S/MIME signatures.
- Verifies S/MIME signatures.
This utility library has single purpose - provide support for making S/MIME signatures on Python2 and 3, which currently lacks any proper libraries for that purpose.
The main use case it is built for: at work our system has to generate Apple Passbook Pass files, which include an S/MIME signature. Currently it is done using M2Crypto.SMIME. While that works - we want to migrate to Python3, and unfortunately for us M2Crypto is not fully supported. smime_sign is a poor man’s solution for this problem.
Internally this does nothing more than call openssl smime, so you might want to see its docs too.
- This may be insecure.
- This may be slow if you are signing large blobs of text.
smime_sign(signer_cert_path, signer_key_path, cert_path, recipient_cert_path, content, output_format)
Generates and returns signature string for content in output_format.
All *_path arguments must be absolute paths.
content must be a string, not a path.
Example to generate signature for Passbook manifest:
>>> manifest_json = "..." # JSON string with `manifest.json` content >>> signature = smime_sign( ... signer_cert_path="/path/to/files/signer.cert", ... signer_key_path="/path/to/files/signer.pem", ... cert_path="/path/to/files/intermediate.cert", ... recipient_cert_path=None, ... content=manifest_json, ... output_format="DER", ... )
smime_verify(signer_cert_path, content_path, signature_path, signature_format)
Verifies a content_path file against a signature at signature_path.
Note: this function was added to help in the tests only.
- Change the licence from AGPLv3 to MIT.
- Fix documentation rendering on PyPI
- Added support for passing intermediate certificates.
- Made recipient certificate optional.
- Argument structure for smime_sign has changed, therefore major version bump-up.
- First release on PyPI.
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|Filename, Size & Hash SHA256 Hash Help||File Type||Python Version||Upload Date|
(6.6 kB) Copy SHA256 Hash SHA256
|Wheel||2.7||Sep 28, 2016|
(13.0 kB) Copy SHA256 Hash SHA256
|Source||None||Sep 28, 2016|